MEDIUM✓ PATCH🇬🇧 English

CVE-2019-1977

CVSS 6.8v3.0pub. 2019-08-30upd. 2024-11-21

A vulnerability within the Endpoint Learning feature of Cisco Nexus 9000 Series Switches running in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an endpoint device in certain circumstances. The vulnerability is due to improper endpoint learning when packets are received on a specific port from outside the ACI fabric and destined to an endpoint located on a border leaf when Disable Remote Endpoint Learning has been enabled. This can result in a Remote (XR) entry being created for the impacted endpoint that will become stale if the endpoint migrates to a different port or leaf switch. This results in traffic not reaching the impacted endpoint until the Remote entry can be relearned by another mechanism.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
  • Cisco Nexus 9000

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 93108tc Ex

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 93108tc Fx

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 93120tx

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 93128tx

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 93180lc Ex

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 93180yc Ex

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 93180yc Fx

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 9332pq

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 9336c Fx2

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 9336pq

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 9348gc Fxp

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 9364c

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 9372px

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 9372px E

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 9372tx

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 9372tx E

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 9396px

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 9396tx

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 9504

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 9508

    HW
    Cisco
    wszystkie wersje
  • Cisco Nexus 9516

    HW
    Cisco
    wszystkie wersje
  • Cisco Nx Os

    OS
    Cisco
    12.3\(1h\)13.1\(2m\)13.1\(2o\)13.1\(2p\)
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
DoS
CWE
Referencje

Powiązane podatności

CVE-2021-1361CRITICAL9.8ten sam produkt

A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switc...

CVE-2019-1804CRITICAL9.8ten sam produkt

A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (...

CVE-2018-0310CRITICAL9.8ten sam produkt

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could a...

CVE-2018-0301CRITICAL9.8ten sam produkt

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker ...

CVE-2018-0308CRITICAL9.8ten sam produkt

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could a...